69338 matches found
Hash Form <= 1.1.0 - Arbitrary File Upload
The Hash Form Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fileuploadaction' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on...
Chamilo LMS <= 1.11.24 - Remote Code Execution
Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. id: CVE-2023-422...
Studio-42 elFinder <2.1.60 - Arbitrary File Upload
Studio-42 elFinder 2.0.4 to 2.1.59 is vulnerable to unauthenticated file upload via connector.minimal.php which could allow a remote user to upload arbitrary files and execute PHP code. id: CVE-2021-43421 info: name: Studio-42 elFinder 2.1.60 - Arbitrary File Upload author: akincibor severity:...
CVE-2026-13352 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content <= 4.16.18 - Authenticated (Author+) Limited Unsafe File Upload via upload_mimes Filter Expansion
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 4.16.18 via the allowedmimetypes function. This is due to the unconditional...
EUVD-2026-45134
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 4.16.18 via the allowedmimetypes function. This is due to the unconditional...
CVE-2026-13352
The ProfilePress/ Paid Membership plugin for WordPress (up to version 4.16.18) is vulnerable to Arbitrary File Upload via the allowed_mime_types/upload_mimes filter expansion. A filter is registered globally on every request, unconditionally adding executable extensions (.exe, .apk, .msi) to the ...
CVE-2026-62216
OpenClaw 2026.4.20 before 2026.5.28 contains a policy bypass in the QQBot media upload feature that could allow a lower-trust caller or configured input path to reach network destinations blocked by policy (server-side request forgery). Practical impact depends on operator configuration and wheth...
EUVD-2026-45104
OpenClaw 2026.4.20 before 2026.5.28 contain a policy bypass in the QQBot media upload feature. A lower-trust caller or configured input path could cause the media upload to reach network destinations that should have been blocked by OpenClaw policy server-side request forgery. The practical impac...
Apache ActiveMQ Fileserver - Arbitrary File Write
Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request via the Fileserver web application. id: CVE-2016-3088 info: name: Apache ActiveMQ Fileserver - Arbitrary File Write author: fqhsu severity: critical...
Qualitor <= 8.24 - Remote Code Execution
Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php. id: CVE-2024-44849 info: name: Qualitor = 8.24 - Remote Code Execution author: s4e-io severity: critical description: | Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via...
User Profile Builder < 3.11.8 - File Upload
The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP. id: CVE-2024-6366 info: name: User Profile Builder 3.11.8 - File Upload author: s4e-io severity: high...
Likeshop < 2.5.7.20210311 - Arbitrary File Upload
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file with an...
Camaleon CMS < 2.8.1 Arbitrary File Write to RCE
An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on depending on the permissions of the underlying filesystem. E.g. This can lead to a remote...
Apache httpd <=2.4.29 - Arbitrary File Upload
Apache httpd 2.4.0 to 2.4.29 is susceptible to arbitrary file upload vulnerabilities via the expression specified in , which could match '$' to a newline character in a malicious filename rather than matching only the end of the filename. This could be exploited in environments where uploads of...
Joomla! JCE extension < 2.9.99.5 unauthenticated RCE
Joomla JCE editor extension contains an unrestricted file upload vulnerability caused by allowing unauthenticated users to create new editor profiles, letting attackers upload and execute PHP code remotely, exploit requires no authentication. id: CVE-2026-48907 info: name: Joomla! JCE extension...
WPvivid Backup & Migration <= 0.9.123 - Arbitrary File Upload
WPvivid Backup & Migration plugin for WordPress = 0.9.123 contains an unauthenticated arbitrary file upload vulnerability caused by improper error handling in RSA decryption and lack of path sanitization, letting unauthenticated attackers upload arbitrary PHP files and achieve remote code executi...
Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload
Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...
Kaseya VSA < 9.5.7 - Arbitrary File Upload to Remote Code Execution
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...
Bonita Web 2021.2 - Authentication/Authorization Bypass
Bonita Web 2021.2 contains an authentication/authorization bypass vulnerability caused by an overly broad exclude pattern in RestAPIAuthorizationFilter, allowing unauthenticated users to access privileged API endpoints by appending ;i18ntranslation or /../i18ntranslation/ to the URL. id:...
Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution
Monsta FTP = 2.11 contains an unrestricted file upload vulnerability caused by lack of authentication on file uploads, letting unauthenticated attackers execute arbitrary code by uploading crafted files. id: CVE-2025-34299 info: name: Monsta FTP = 2.11.2 - Unauthenticated Remote Code Execution...